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DIGITAL CAMERA WITH IMAGE AUTHENTICATION 

FIELD OF THE INVENTION 

The present invention relates to tlie field of electronic photography, 
5 and in particular, to the authentication of images captured by a digital camera. 

BACKGROUND OF THE INVENTION 

Digital images produced by digital cameras can be easily 
manipulated, for example, to add or remove objects from a scene. This makes the 

10 authenticity of any digital image questionable when used, for example, as legal 
evidence at a crime scene. Cameras performing "image authentication" may use 
some type of "digital signature" that indicates vi/hether the image has been 
modified. Approaches employing the well known public key encryption system 
are described in U.S. Patent No. 5,499,294, issued March 12, 1996 to Friedman 

15 and in commonly-assigned U.S. Patent No. 5,898,779, issued April 27, 1999 to 
Squilla et al., the disclosure of which is herein incorporated by reference. The use 
of the public key encryption system to ensure that the digital signature is not 
altered requires that the camera utilize a private key to generate the digital 
signature, which can later be authenticated using a corresponding public key. 

20 One major issue with this approach is proving that the private key 

remained private from the moment the camera was manufactured, and could never 
have been compromised and later misused in order to digitally sign an altered 
picture. A clever defense attorney could call into question whether a biased law 
enforcement agency could have somehow obtained the private key for the camera 

25 they allegedly used to photograph incriminating evidence, and misused it. Some 
prior art cameras use private keys that are separately generated (e.g., by a separate 
computer) and provided to the camera by uploading firmware including the private 
key to the camera. In these cases, the manufacturer or in some cases, even the 
user, has some record (e.g., in the separate computer) of the private key. Thus, 

30 there is no way to absolutely prove that the private key was not somehow "leaked" 
and used to alter an image captured by the camera. 
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Another shortcoming of the prior art approaches of employing 
public key encryption systems to authenticate images is that the manufacturer must 
bear the cost of securely generating the public/private key pairs and loading them 
in the camera. 

5 Current owners of digital cameras may desire to add such a security 

feature to their cameras by loading the authentication software and private key into 
the existing camera's control system. A vulnerability of this system is the 
generation and uploading of the private key to the camera, which could be 
intercepted by a third party during the generation or uploading of the private key to 
1 0 the camera. 

There is a need, therefore, to provide an improved public key 
encryption system for authenticating digital images captured by a camera in a way 
that reduces the chances that the private key used to create the digital signature in 
a digital camera can be discovered or compromised, and that relieves the 
1 5 manufacturer of the burden of generating and loading private keys in a secure 
manner. 

SUMMARY OF THE INVENTION 

The above identified need is met according to the present invention 
20 by providing a digital camera having a public key encryption system to establish 
the authenticity of digital images created by the camera. The private key/public 
key pair is generated within the digital camera using an algorithm which ensures 
that it is unique, rather than being generated on a separate computer and uploaded 
to the camera. The private key is stored in a memory within the camera, so that it 
25 cannot be discovered. Because the private key is never generated or stored on a 
separate computer or transmitted to the camera over a separate interface, it is 
much more secure. This greatly reduces the risk that the private key will be 
compromised. Also, because the private-public key pair is generated internal to 
the camera, the manufacturer does not need to provide for the security of private 
30 key generation and loading of the private key into the camera. 



BRIEF DESCRIPTION OF THE DRAWINGS 

FIG. 1 is a system block diagram showing a digital camera and a 
host computer useful in practicing the present invention; 

FIG. 2 is a flow diagram illustrating the manufacture and use of the 
5 digital camera of FIG. 1 according to the present invention; and 

FIG. 3 is a flow chart showing an algorithm for generating the 
private key/public key pair within the digital camera of FIG. 1 according to the 
present invention. 

1 0 DETAILED DESCRIPTION OF THE INVENTION 

Because image authentication systems using public key encryption 
for image authentication are well known, the following description will be 
directed to the particularly unique elements and features of the present invention. 
Elements not specifically shown or described herein may be selected from those 

15 known in the art. Some aspects of the present invention may be implemented in 
software. Unless otherwise specified, all software implementation is conventional 
and within the ordinary skill in the programming arts. 

The camera and system of the present invention enables a 
photographer or another to authenticate an image captured by the camera, to 

20 ensure that the image has not been modified. The camera and system 

accomplishes this by generating a private key/public key pair within the digital 
camera, rather than on a separate computer, and storing the private key in a 
nonvolatile memory within the digital camera. This ensures that there is never a 
record of any type external to the digital camera that includes the private key. 

25 Because the private key is not made available to anyone at any time outside of the 
camera, the chances of it being compromised are substantially reduced. 

A system block diagram is shown in FIG. 1 , and includes a portable 
digital camera 10 and a host computer 12. The camera 10 includes a lens 14, 
which may be a motor driven zoom lens with automatic focusing, a 

30 shutter/aperture 15, an image sensor 16, a variable gain amplifier 17, an analog-to- 
digital (A-to-D) converter 33, a processor 18, a removable memory card 20 
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received in a memory card interface 22, random access memory (RAM) 24, and 
Flash memory 26. The digital camera 10 can also include a color liquid crystal 
display (LCD) 28, a number of user input buttons 30, and a host computer 
interface 32, such as a universal serial bus (USB). The image sensor 16 is covered 
5 with a color filter array (CFA) (not shown), such as described in commonly 
assigned U.S. Patent No. 3,971,065 to Bayer, the disclosure of which is herein 
incorporated by reference. The processor 1 8 converts the raw digital data from the 
image sensor 16, which is temporarily stored in RAM memory 24, into 
interpolated color data using an algorithm such as the one described in commonly 

10 assigned U.S. Patent No. 5,506,61 9 to Adams et al., entitled "Adaptive color plan 
interpolation in single sensor color electronic camera," the disclosure of which is 
herein incorporated by reference. The interpolated color image data is color 
corrected, sharpened, and compressed using the well-known JPEG compression 
algorithm, and stored within an image file, for example, the Exif version 2.1 

15 image file, on the removable memory card 20. The Exif image format is defined 
in "Digital Still Camera Image File Format Standard, Exchangeable image file 
format for Digital Still Camera: Exif," JEIDA-49-1998, June 1998 by the Japan 
Electronics Industries Development Association (JEIDA). Note that since JPEG 
compression is a lossy compression algorithm, it is impossible to exactly 

20 reconstruct the raw image sensor data by decompressing and processing the JPEG 
compressed image data within the Exif image file. 

The processor 1 8 includes a real-time clock (not shown) which 
provides digital date/time information. This date/time "metadata," as well as other 
metadata, for example, the zoom lens focal length setting, and the exposure time 

25 and f/# values used by the shutter/aperture 1 5 when capturing a particular picture, 
are recorded in the image file, using the TIFF tags described in the Exif document 
cited above. Additional metadata which is the same for all images, such as the 
copyright owner or camera owner, can also be downloaded from the host 
computer 12 to the digital camera 10 and stored in the Flash memory 26. This 

30 metadata can also be copied into the appropriate TIFF tags within the Exif image 
file. Other types of metadata, such as a digital audio recording or global 



positioning system (GPS) information could be obtained from a microphone input 
(not shown) or GPS receiver (not shown) built into or attached to the digital 
camera 10 and stored as part of the Exif image file, within the appropriate TIFF 
tags or application segments, as described in the Exif document cited above. 
5 Thus, each image file contains not only image data, but also a significant amount 
of metadata. 

The digital camera 10 operates in the conventional manner, using 
the lens 14 to focus an image through the shutter/aperture 1 5 onto the image 
sensor 16, amplifying the analog image sensor signal by the variable gain 

10 amplifier 17 set to provide a normal gain level, converting the signals recorded by 
the image sensor 16 to digital signals in the A-to-D converter 33 to produce a 
digital image, processing the digital image in the processor 18, for example, to 
compress the image and place it in a standard format, and storing the image in the 
removable memory card 20. In addition, the digital camera 10 employs the 

1 5 processor 1 8 to create a digital signature for an image, or a portion of the image 

using a public key system and to attach the digital signature to the digital image, as 
disclosed in U.S. Patent No. 5,898,779. The digital signature can be stored within 
an Exif version 2. 1 image file by registering a TIFF tag for this purpose and 
including the TIFF tag and digital signature value within the Exif application 

20 segment at the begiiming of the JPEG file. 

The host computer 12, which can be a Personal Computer, 
includes, by way of example, a mother board 34 containing a power supply (not 
shown), a microprocessor (not shown), e.g., an Intel Pentium II ™ processor, and 
memory (not shown) as is well known in the art. As shown in FIG. 1, the host 

25 computer 12 further includes a display monitor 36, operator interfaces such as a 
keyboard and mouse 38, a hard drive 40, a CD-ROM drive 42 for reading CD- 
ROM discs 44, an interface 46, such as a universal serial bus (USB), and a 
memory card reader 48 for reading the removable memory cards 20 from the 
digital camera 10. The host computer 12 operates in the conventional maimer to 

30 receive and display digital images recorded by the digital camera 1 0. In addition, 
the host computer 12 can employ the public key to authenticate the digital 
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signatures appended to the digital images, using the known prior art techniques. 
In the digital camera 1 0 according to the present invention, the public/private key 
pair is produced by the processor 18 in the digital camera 10, and the private key is 
securely stored in the Flash EPROM 26 
5 FIG. 2 is a flow diagram showing the steps in the manufacture and 

use of the digital camera 10 according to the present invention. Dijring 
manufacture, the firmware for generating the public/private key pair is installed in 
the digital camera 10 (step 50). Alternatively, the camera firmware can be updated 
at some time after the digital camera 1 0 has been manufactured, for example, 

1 0 when the user purchases or receives "updated" camera firmware, for example, by 
obtaining a CD-ROM disc with the updated firmware, or by downloading the 
updated firmware from the internet. When the digital camera 10 is turned on 
(step 52), a check is made by the processor 1 8 to see if this is the first time the 
digital camera 10 has used this firmware (step 54). If this is the first time, the 

1 5 processor 1 8 creates the public/private key pair (step 56) and stores the private key 
in flash memory 26 (step 58). The processor 18 then deletes the key generation 
instructions from the firmware memory (step 60). The operation of the digital 
camera 1 0 then proceeds as follows. Each time the user takes a picture, the 
captured image is temporarily stored in RAM memory 24 (step 62). A random 

20 number k is produced from a hash of the unprocessed image sensor data (step 64). 
The processor 1 8 then processes the color image data to provide fully processed 
and JPEG-compressed image data (step 65). The processor 1 8 calculates a hash 
value of the JPEG compressed image data and the metadata that is to be stored in 
the image file (step 66), reads the private key from the Flash memory 26, and uses 

25 it along with the random number k to create a digital signature of the compressed 
image and metadata hash value (step 68) which is then also stored within the same 
image file. The processor 1 8 stores the image files, including the digital signature 
and public key, on the removable memory card 20 (step 70). 

To view the image (step 72), either the removable memory card 20 

30 can be placed in the memory card reader 48 and the digital image file read from 
the memory card 20, or the digital image file can be directly downloaded from the 
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digital camera 10 into the host computer 12 via the USB interface 32,46. An 
application in the host computer 12 uses the camera's public key to decrypt the 
digital signature contained within the image file to obtain a hash of the JPEG 
compressed image data and the metadata that is stored within the image file 
5 (step 74). The application then creates a second hash from the JPEG compressed 
digital image data and the metadata that was stored within the image file (step 76), 
and checks to see whether this second hash matches the decrypted hash (step 78). 
If the hashes match, it is evidence that the digital image has not been modified 
since it was captured by the digital camera 10. 

1 0 According to a preferred embodiment of the present invention, the 

digital signature generation is performed as specified in the Digital Signature 
Standard (DSS) and explained in Federal Information Processing Standards 
Publication (FIPS) PUB 186-1, dated December 15, 1998. The DSS specifies a 
suite of algorithms that can be used to generate a digital signature. In particular, it 

1 5 discusses both the technique specified in ANSI X9.3 1 (the RS A algorithm) and 
the Digital Signature Algorithm (DSA) as options for digital signature generation. 
Preferably, the DSA algorithm is employed for digital signature creation. 

The DSA makes use of the parameters p, q, g, k, x, and 3/, as 
specified in FIPS 186-1. The parameters p, q, and g are public and can be 

20 generated either inside the camera specific to each camera or can be generated 
outside the camera on a host computer and provided as constants supplied in the 
camera key generation firmware. The parameters p and q are generated according 
to the specification in Section 2.2 of FIPS 1186-1. In a preferred embodiment of 
the present invention, p is represented by a 768 bit value. Alternatively, any 

25 multiple of 64 bits between 512 bits and 1024 bits can be used. The value of g is 
restricted to be a 160 bit prime according to the requirements of the DSA standard. 
In a preferred application, the values for p, q and g are supplied as constants as 
part of the camera key generation firmware. Since p and q must be prime 
numbers, it is difficult to compute them using a simple algorithm in a short period 

30 of time within the camera. 
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The parameter x is the private key of the camera and is a randomly 
or pseudo-randomly generated integer with the restriction that 0<x<^. The 
parameter;/ is the camera's pubHc key. According to the present invention, x and 
y are generated inside the camera after installation of the camera firmware, and 
5 only the parameter y is made public, while the parameter x is never revealed. 

In a preferred embodiment, the public key of the camera is included 
in the digital image file (e.g., in the image file header as indicated in step 70 of 
FIG. 2), that represents the image captured by the camera so that a quick 
authentication can be performed without the necessity of consulting another source 

10 to obtain the public key. However, if the public key associated with a given 

camera is not certified at the time of key generation, it is possible for an imposter 
to alter the image and then sign the altered image with a new private key 
(generated by the imposter) and include the matching public key in the image file. 

In an alternative embodiment of the present invention, the public 

1 5 key y associated with a given camera is also certified by a certification authority 
and stored for future reference. The certification authority could be, for example, 
the camera manufacturer or an independent certification authority such as 
Verisign ® available at WWW.verisign.com , or even the owner, depending on the 
level of security desired. In the event that the certification authority is 

20 independent from the manufacturer, the manufacturer can send the camera to the 
certification authority, where it is activated to generate the public/private key pair. 
The certification authority then records the public key generated by the camera, 
and forwards the camera to the end user. Alternatively, the camera user generates 
the public/private key pair and requests a certificate from the certification 

25 authority by sending the public key to the certification authority via a secure 
internet communication. 

FIG. 3 is a flow chart depicting step 56 of FIG. 2 in greater detail. 
In particular, FIG. 3 depicts how the private key/public key pair is created within 
the digital camera 1 0 in a way that ensures that it is unique and that the same 

30 algorithm cannot be run again on a separate camera or computer in order to create 
the same key pair. 
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It is important to generate the private key x inside the camera using 
a process that cannot be dupHcated at a later time, otherwise, the camera security 
would be compromised. The first steps in the generation of the keys provide a 
random seed. The random seed needed for the generation of x can be provided in 
5 a variety of ways, for example, using a pseudo-random number generation 
algorithm that uses as an input a time-dependent internal state of the camera 
microprocessor (such as the output of an internal clock) at the time of the key 
generation. 

In a preferred approach depicted in FIG. 3, the random seed is 

1 0 generated by processing an image captured from the image sensor, which provides 
random dark field image data. In step 300, the variable gain amplifier 17 is set to 
provide a high level of gain. In step 3 10, an image is captured with the shutter 15 
closed, and the raw CFA data from the image sensor 16 is temporarily stored in 
the RAM 24. The stored CFA data is composed of amplified dark current noise, 

15 so that each pixel value has a random noise level. In step 320, the entire raw 

sensor image (or alternatively, a portion of the image) is then hashed down to 160 
bits using the SHA-1 algorithm as specified in FIPS PUB 180-1. The stored raw 
data is then deleted from the RAM 24 (step 330). The 160 bit output of the SHA- 
1 is used as the random seed for the generation of x (step 340). 

20 The private key parameter x is then generated from the 160 bit 

random seed as specified in Appendix 3 of the FIPS PUB 186-1. The public key >■ 
is then generated from the private key x using the equation = g^mod p, in 
accordance with section 4 of FIPS PUB 186-1. 

After the public/private key pair has been generated, the values are 

25 stored in Flash memory 26. The camera 10 uses the private key parameter x to 
generate a digital signature. In addition to the parameter x, every time that a 
signature is generated, the DSS algorithm requires a randomly or pseudo -randomly 
generated integer k (0<k<q). It is important to generate a new value of k for each 
signature. Although the value of A: is completely random and does not depend on 

30 the camera's private or public key, it influences the value of the generated 

signature. Consequently, if the value of k is compromised, the camera's private 
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key can be more easily reverse engineered. Furthermore, if the same value of A: is 
used twice to generate two signatures, a hacker can figure out the private key of 
the camera without even knowing the value of k. So it is imperative that for every 
signature, a fresh randomly selected 160 bit k value be generated. 
5 In step 64 of FIG. 2, the processor 1 8 generates the value of A; in a 

manner similar to what was used to generate the x value, but using the actual 
image data of the captured image rather than a dark image. More specifically, 
prior to lossy JPEG compression, the raw 8-bit CFA pixel values of the image that 
are temporarily stored in RAM 24 prior to image processing and compression are 

1 0 concatenated together to form a string of bits. This string is then hashed down to 
160 bits using the same SHA-1 algorithm used to hash the image and metadata to 
create the digital signature. The 160-bit hash value is used as the random seed 
into an algorithm to generate the random number k, as described in Appendix 3 of 
the FIPS PUB 186-1. Since JPEG compression is a lossy operation and it is 

1 5 performed on the interpolated data, it is computationally infeasible to figure out 

the raw CFA values from the compressed file, and hence, this approach results in a 
random number that is independent of the image file being signed. 

In another embodiment, two different digital signatures are 
included in the image file. The first digital signature is used for image data and 

20 metadata (such as the camera aperture setting and the date/time setting) that 

should never change. The second digital signature is used for metadata that may 
possibly change, such as copyright owner and audio annotation file. The TIFF tag 
used to store the digital signature stores these two separate digital signature values. 
The application in the host computer 12 uses the camera's public key to decrypt 

25 both of the hash values, to create hashes from the compressed digital image data 
and metadata, and to check whether the newly created hashes match the two 
decrypted hashes. If both sets of hashes match, it is evidence that neither the 
digital image nor any of the metadata has been modified since it was captured by 
the digital camera 10. If the first set of hashes matches, but the second set of 

30 hashes does not match, it is evidence that the image has not been modified, but 
that some of the metadata (e.g., the image copyright owner) has been modified. 
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In another embodiment, the digital signature can be generated from 
processed but uncompressed image data and the metadata that is stored in the 
image file. Alternatively, the digital signature can be generated from the raw 
image data and the metadata that is stored in the image file. However, since it is 
5 preferred to calculate the random number k from the raw image data prior to 

interpolation, an alternative method for generating k is necessary when the digital 
signature is generated from the raw image data. For example, data from the image 
sensor that is not used in the image, such as dark reference pixels, could be used 
for the computation of k. 
10 The invention has been described in detail with particular reference 

to certain preferred embodiments thereof, but it will be understood that variations 
and modifications can be effected within the spirit and scope of the invention. 
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WHAT IS CLAIMED IS: 

1 . In a digital camera of the type employing a private key to 
encrypt a hash of a digital image captured by the digital camera to produce an 
image authentication signature, the improvement comprising: 

(a) a processor located within the digital camera for producing 
a public/private key pair; and 

(b) means for storing the private key in a memory in the digital 
camera for subsequent use in encryption of the hash of the digital image to 
produce the image authentication signature. 

2. The digital camera claimed in claim 1 , wherein the 
processor includes means for producing a random seed for the private key by 
hashing an initial test image captured by the digital camera. 

3. The digital camera according to claim 2, further including: 

(i) a shutter and an image sensor for capturing images; 

(ii) a variable gain amplifier coupled to the image sensor; 

(iii) an analog-to-digital converter coupled to the variable gain 
amplifier and the processor for producing digital signals corresponding to the 
captured images; and 

(iv) the processor causing the variable gain amplifier to be in a 
high gain condition when the initial test image is captured. 

4. The digital camera claimed in claim 1 , wherein the 
processor includes one or more algorithms for producing a random seed, wherein 
the random seed is used to produce a random number k, and for using the random 
number k to create the image authentication signature by hashing the raw image 
data prior to image processing. 
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5. The digital camera claimed in claim 4, wherein the 
processor includes an image processing algorithm which uses JPEG compression. 

6. In a method of producing an image authentication signature 
in a digital camera employing a private key to encrypt a hash of an image captured 
by the digital camera, the improvement comprising the steps of: 

(a) producing the private key in the digital camera; and 

(b) storing the private key in a memory in the digital camera for 
subsequent encryption of the hash of the digital image. 



7. A method of authenticating an image captured by a digital 
camera, comprising the steps of: 

(a) producing a private key/public key pair in the digital 

camera; 

(b) storing the private key in a memory in the digital camera; 

(c) conmiunicating the pubhc key to a user; 

(d) capturing a digital image; 

(e) hashing the captured digital image in the digital camera to 
produce an image hash; 

(f) encrypting the image hash in the digital camera with the 
private key to produce a digital signature; and 

(g) authenticating the digital image by hashing the image 
outside of the digital camera, decrypting the digital signature using the public key 
to produce a decrypted signature, and comparing the decrypted signature with the 
image hash produced outside of the digital camera. 



8. A method of manufacturing a digital camera capable of 
producing a digital signature useful for image authentication, comprising the steps 
of: 
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(a) manufacturing a digital camera with an internal processor 
for processing a public/private key pair, storing the public key in a memory in the 
digital camera and communicating the public key to a camera operator; 

(b) sending the digital camera to an authentication service; 

(c) activating the digital camera at the authentication service to 
produce the public/private key pair, and registering the public key at the 
authentication service; and 

(d) sending the digital camera to a user. 

9. In a digital camera of the type employing a private key to 
encrypt a hash of a digital image captured by the digital camera to produce an 
image authentication signature and a metadata signature corresponding to one or 
more metadata values, the improvement comprising: 

(a) a processor located within the digital camera for producing 
a public/private key pair; and 

(b) means for storing the private key in a memory in the digital 
camera for subsequent use in encryption of the hash of the digital image to 
produce the image authentication signature and the metadata signature. 

10. A method of producing an image authentication signature in 
a digital camera, comprising the steps of: 

(a) capturing a digital image; 

(b) compressing the captured digital image; 

(c) providing one or more metadata values; 

(d) hashing the compressed captured digital image and at least 
one of the metadata values to produce an image hash; and 

(e) encrypting the image hash to produce the image 
authentication signature. 
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1 1 . The method according to claim 10 further including the step 
of storing in an image file in the digital camera, the image authentication 
signature, the compressed digital image data, and the one or more metadata values. 

12. The method according to claim 10 wherein the encrypting 
step includes encrypting the image hash with a private key produced in the digital 
camera to produce the image authentication signature. 

13. The method according to claim 10 further including the 

steps of: 

producing a public/private key pair in the digital camera; 

storing the private key in a memory in the digital camera; 

wherein the encrypting step includes encrypting the image hash 
with the private key to produce the image authentication signature; and 

authenticating the captured digital image by hashing the 
compressed digital image outside of the digital camera, decrypting the image 
authentication signature using the public key to produce a decrypted signature, and 
comparing the decrypted signature with the image hash produced outside of the 
digital camera. 

14. The method according to claim 10 further including the 
steps of: hashing the uncompressed captured digital image to produce a random 
number k; and wherein the encrypting step includes using the random number k to 
produce the image authentication signature. 



15. The method according to claim 10 wherein the encrypting 
step further produces a metadata signature corresponding to the one or more 
metadata values. 
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ABSTRACT OF THE DISCLOSURE 

A digital camera having a public key encryption system to establish 
the authenticity of digital images created by the camera, wherein the private 
key/public key pair is produced within the digital camera using an algorithm 
which ensures that it is unique, rather than being produced on a separate computer 
and uploaded to the camera. The private key is stored in a memory within the 
digital camera, so that it cannot be discovered. 



Firmware is installed in 
camera during 
manufacturing 



Camera is turned on 




Processor creates 
public / private key pair 



Processor stores 
private and public keys in 
flash memory 



Processor deletes the 
key generation algorithm 
from the firmware memory 



User takes a picture, 
image is temporarily stored 
in RAM memory 






Random number k is 
generated from hash of 
unprocessed image data 






Process and JPEG 
compress image data 







Processor calculates 
image hash of JPEG data 
and metadata 



Processor reads | 
private key and uses it > (j» ? 
along with k to create 
digital signature of coi-^yCis^dJtnM 
and metadata hash value I 



' Processor stores 
image files, including 
header with digital 
signature and public key, 
on removable memory card 
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Image is downloaded 
to PC and viewed 
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Set variable gain amp 
to higii setting 



Capture sensor 
image data with shutter 
closed, using high gain 
setting 



Hash the stored, 
unprocessed sensor data 
using SHA-1 to create 160 
bit random number seed 



Delete the stored raw 
image data from the RAM 
memory 



Use the 160 bit seed 
to generate the private l<ey 
X and the public key y 
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